Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 12DEF17A26 for ; Wed, 26 Aug 2015 10:15:57 +0000 (UTC) Received: (qmail 12166 invoked by uid 500); 26 Aug 2015 10:15:52 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 12129 invoked by uid 500); 26 Aug 2015 10:15:52 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 12118 invoked by uid 99); 26 Aug 2015 10:15:52 -0000 Received: from Unknown (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Aug 2015 10:15:52 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 8E77AEE25B for ; Wed, 26 Aug 2015 10:15:51 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 3.01 X-Spam-Level: *** X-Spam-Status: No, score=3.01 tagged_above=-999 required=6.31 tests=[HTML_MESSAGE=3, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mx1-us-west.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id m2OAO_htjgTB for ; Wed, 26 Aug 2015 10:15:38 +0000 (UTC) Received: from mail-la0-f52.google.com (mail-la0-f52.google.com [209.85.215.52]) by mx1-us-west.apache.org (ASF Mail Server at mx1-us-west.apache.org) with ESMTPS id 9FD8120FE1 for ; Wed, 26 Aug 2015 10:15:37 +0000 (UTC) Received: by lalv9 with SMTP id v9so115862291lal.0 for ; Wed, 26 Aug 2015 03:15:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=AUxN50+nMhRCUs9Yw3sqYq4Ib9DW+teCUyIV2Hawhkw=; b=jNYglZWI+zsDMK0jCPUJ1oi0LHNWwuThCXweYIzDqaHb7UkAf+qifXePgiDXnH2amd WPOTeJjwpFjguN3DTsDJaeX4B4yRyujT1QpAnmsPKjIp4WCrjT8R6CJ+IQ66xX9lndlY rIVbK6BRVF93kvO8f1T3H0EiJ7ZoJ5UYadPNsxJdsDBXTVmybMynkZ/+NzbNA48GIOI/ PDkqK9pXzmcKrtYDYuW8YtmYR1ZVi1dRhH9+09MKgzxQgS05fcNDZ7cgEh0iCU/bZRIz J2vBG5yjU49pi6CHpti5/Vcfll2L/VfWm68upEWvkgBHZgeTzN7NwiRJwYJ2dnHQxkvr 1Ujg== X-Gm-Message-State: ALoCoQndJ9eCWGlZqT5kxeqndNzi3tpXAfG5Q4Cc3n+BB+SqP8gz5vrMrDDZ7Ww4KUleysnnec1z MIME-Version: 1.0 X-Received: by 10.152.20.170 with SMTP id o10mr29834500lae.109.1440584135754; Wed, 26 Aug 2015 03:15:35 -0700 (PDT) Received: by 10.25.21.206 with HTTP; Wed, 26 Aug 2015 03:15:35 -0700 (PDT) In-Reply-To: References: <55DD7A10.10908@rqc.ru> Date: Wed, 26 Aug 2015 12:15:35 +0200 Message-ID: From: Anne Blankert To: users@httpd.apache.org, Sterpu Victor Content-Type: multipart/alternative; boundary=089e0141a9feae5bff051e342188 Subject: Re: Re[2]: [users@httpd] SSL - How client certificates are verified? --089e0141a9feae5bff051e342188 Content-Type: text/plain; charset=UTF-8 The problem is not in the client certificate but in the issuer certicates aka known as the certificate chain. I was able to solve the problem by adding the following line in my Apache server configuration: SSLCACertificateFile /etc/ssl/certs/clientcertificatechain.pem where file 'clientcertificatechain.pem' contains all the intermediate certificates for the client certificate. 2015-08-26 11:44 GMT+02:00 Sterpu Victor : > The certificates are already on the server. > > ------ Original Message ------ > From: "Marat Khalili" > To: users@httpd.apache.org > Sent: 8/26/2015 11:34:24 AM > Subject: Re: [users@httpd] SSL - How client certificates are verified? > > > I'm only guessing, but maybe manually adding all necessary intermediate > certificates to your server will help? > > -- > > With Best Regards, > Marat Khalili > > > On 26/08/15 09:31, Sterpu Victor wrote: > > I installed apache 2.4.16 and I have activated SSLOCSPEnable on a virtual > domain but the page is not loading at all with OCSPEnabled(without OCSP is > working). > > The error is: > SSL Library Error: error:27069065:OCSP > routines:OCSP_basic_verify:certificate verify error (Verify error:unable to > get local issuer certificate) > AH02039: Certificate Verification: Error (50): application verification > failure > AH01925: failed to verify the OCSP response > I would use SSLOCSPOverrideResponder > but > I have 4 different OCSP servers depending on the CA. > I checked the certificates and in the section Authority Information > Access there is a URL to the OCSP server. > This is the information from one of the certificates: > > [1]Authority Info Access > Access Method=On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1) > Alternative Name: > URL=http://ocsp.certsign.ro/ocsp > > ocsp.digisign.ro is answering on port 80. > Could be a problem with SSLOCSPEnable that is not auto extracting the > OCSP URL? > > My configuration is: > SSLEngine on > SSLCertificateFile /etc/ssl/card.casnt.ro/server.crt > SSLCertificateKeyFile /etc/ssl/card.casnt.ro/server.key > SSLCACertificateFile /etc/ssl/certs/RO/All_Certs.pem > > SSLVerifyClient require > SSLVerifyDepth 10 > SSLOptions +StdEnvVars +ExportCertData > SSLOCSPEnable On > > Thank you. > > ------ Original Message ------ > From: "Marat Khalili" > To: users@httpd.apache.org > Sent: 8/23/2015 8:16:06 PM > Subject: Re: [users@httpd] SSL - How client certificates are verified? > > > In this case, could you please post the results when you get the > SSLOCSPEnable fixed? I'm particularly interested in performance. > > -- > > With Best Regards, > Marat Khalili > > > On 23/08/2015 19:57, Sterpu Victor wrote: > > There are 4 CAs, at least 1 uses OCSP(only 1 I called). > I hope all of them use OCSP, I don't know the legislation but it seems > normal to be required by law. > > ------ Original Message ------ > From: "Marat Khalili" > To: users@httpd.apache.org > Sent: 8/23/2015 7:51:14 PM > Subject: Re: [users@httpd] SSL - How client certificates are verified? > > > Oh, I see. In this case you will have to check the status of their > certificates. Still, I suspect all of the tokens are issued by one CA. > Probably it is better to ask this CA for their procedures: do they use OCSP > or just publish CRLs. > > -- > > With Best Regards, > Marat Khalili > > > On 23/08/2015 19:41, Sterpu Victor wrote: > > All clients already have PKCS11 tokens. > It would be too complicated for them to get used with something else. > > ------ Original Message ------ > From: "Marat Khalili" > To: users@httpd.apache.org > Sent: 8/23/2015 7:34:07 PM > Subject: Re: [users@httpd] SSL - How client certificates are verified? > > > I see. However, accepting clients certificates from the world recognized > authorities is both more expensive (for clients) and more risky than > running your own CA (recognized only by your server). If you personally > know all your clients it is easier to issue them certificates directly, and > revoke them by yourself too if needed. > > -- > > With Best Regards, > Marat Khalili > > > On 23/08/2015 18:56, Sterpu Victor wrote: > > I want to make a page that will authenticate only with PKCS11 tokens. > These tokens contain only certificates from a recognized authority. > OCSP would be usefull if the token has been declared lost or stolen. > But I don't want to make things too complicated. > > > ------ Original Message ------ > From: "Marat Khalili" > To: users@httpd.apache.org > Sent: 8/23/2015 6:51:02 PM > Subject: Re: [users@httpd] SSL - How client certificates are verified? > > > Hello, what is your scenario? If you issue (sign) client certificates > yourself, Apache can correctly verify it against local CRL (certificate > revocation list) file (server restart may be required after file update). > There's information in the net concerning OCSP support for client > authentication in newer versions of Apache (google SSLOCSPEnable), but I > can see no real use for it save for some very complicated systems. > > -- > > With Best Regards, > Marat Khalili > > > On 23/08/2015 09:51, Sterpu Victor wrote: > > Hello > > I have a web page that asks for client certificate. > These are the options for this: > > SSLVerifyClient require > SSLVerifyDepth 10 > > How does SSLVerifyClient verifies the client certificate? > This option protects against certificates manual made with a fake > public-private key pair? > So can someoane make a certificate identical with the original, attach > another set of public and private keys and pretend to be someoane else? > > Thank you > > > ------------------------------ > [image: Avast logo] > > This email has been checked for viruses by Avast antivirus software. > www.avast.com > > > > *DISCLAIMER: Acest mesaj de posta electronica si documentele aferente sunt > confidentiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod > de utilizare a lor. Daca nu sunteti destinatarul acestui mesaj, este > interzis sa actionati in baza acestor informatii. Citirea, copierea, > distribuirea, dezvaluirea sau utilizarea in alt mod a informatiei continute > in acest mesaj constituie o incalcare a legii. Daca ati primit mesajul din > greseala, va rugam sa il distrugeti, anuntand expeditorul de eroarea > comisa. Intrucat nu poate fi garantat faptul ca posta electronica este un > mod sigur si lipsit de erori de transmitere a informatiilor, este > responsabilitatea dvs. sa va asigurati ca mesajul (inclusiv documentele > alaturate lui) este validat si autorizat spre a fi utilizat in mediul dvs.* > > > > > ------------------------------ > [image: Avast logo] > > This email has been checked for viruses by Avast antivirus software. > www.avast.com > > > > *DISCLAIMER: Acest mesaj de posta electronica si documentele aferente sunt > confidentiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod > de utilizare a lor. Daca nu sunteti destinatarul acestui mesaj, este > interzis sa actionati in baza acestor informatii. Citirea, copierea, > distribuirea, dezvaluirea sau utilizarea in alt mod a informatiei continute > in acest mesaj constituie o incalcare a legii. Daca ati primit mesajul din > greseala, va rugam sa il distrugeti, anuntand expeditorul de eroarea > comisa. Intrucat nu poate fi garantat faptul ca posta electronica este un > mod sigur si lipsit de erori de transmitere a informatiilor, este > responsabilitatea dvs. sa va asigurati ca mesajul (inclusiv documentele > alaturate lui) este validat si autorizat spre a fi utilizat in mediul dvs.* > > > > > ------------------------------ > [image: Avast logo] > > This email has been checked for viruses by Avast antivirus software. > www.avast.com > > > > *DISCLAIMER: Acest mesaj de posta electronica si documentele aferente sunt > confidentiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod > de utilizare a lor. Daca nu sunteti destinatarul acestui mesaj, este > interzis sa actionati in baza acestor informatii. Citirea, copierea, > distribuirea, dezvaluirea sau utilizarea in alt mod a informatiei continute > in acest mesaj constituie o incalcare a legii. Daca ati primit mesajul din > greseala, va rugam sa il distrugeti, anuntand expeditorul de eroarea > comisa. Intrucat nu poate fi garantat faptul ca posta electronica este un > mod sigur si lipsit de erori de transmitere a informatiilor, este > responsabilitatea dvs. sa va asigurati ca mesajul (inclusiv documentele > alaturate lui) este validat si autorizat spre a fi utilizat in mediul dvs.* > > > > > ------------------------------ > [image: Avast logo] > > This email has been checked for viruses by Avast antivirus software. > www.avast.com > > > > *DISCLAIMER: Acest mesaj de posta electronica si documentele aferente sunt > confidentiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod > de utilizare a lor. Daca nu sunteti destinatarul acestui mesaj, este > interzis sa actionati in baza acestor informatii. Citirea, copierea, > distribuirea, dezvaluirea sau utilizarea in alt mod a informatiei continute > in acest mesaj constituie o incalcare a legii. Daca ati primit mesajul din > greseala, va rugam sa il distrugeti, anuntand expeditorul de eroarea > comisa. Intrucat nu poate fi garantat faptul ca posta electronica este un > mod sigur si lipsit de erori de transmitere a informatiilor, este > responsabilitatea dvs. sa va asigurati ca mesajul (inclusiv documentele > alaturate lui) este validat si autorizat spre a fi utilizat in mediul dvs.* > > > > > ------------------------------ > [image: Avast logo] > > This email has been checked for viruses by Avast antivirus software. > www.avast.com > > > > *DISCLAIMER: Acest mesaj de posta electronica si documentele aferente sunt > confidentiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod > de utilizare a lor. Daca nu sunteti destinatarul acestui mesaj, este > interzis sa actionati in baza acestor informatii. Citirea, copierea, > distribuirea, dezvaluirea sau utilizarea in alt mod a informatiei continute > in acest mesaj constituie o incalcare a legii. Daca ati primit mesajul din > greseala, va rugam sa il distrugeti, anuntand expeditorul de eroarea > comisa. Intrucat nu poate fi garantat faptul ca posta electronica este un > mod sigur si lipsit de erori de transmitere a informatiilor, este > responsabilitatea dvs. sa va asigurati ca mesajul (inclusiv documentele > alaturate lui) este validat si autorizat spre a fi utilizat in mediul dvs.* > > > > > ------------------------------ > [image: Avast logo] > > This email has been checked for viruses by Avast antivirus software. > www.avast.com > > > > *DISCLAIMER: Acest mesaj de posta electronica si documentele aferente sunt > confidentiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod > de utilizare a lor. Daca nu sunteti destinatarul acestui mesaj, este > interzis sa actionati in baza acestor informatii. Citirea, copierea, > distribuirea, dezvaluirea sau utilizarea in alt mod a informatiei continute > in acest mesaj constituie o incalcare a legii. Daca ati primit mesajul din > greseala, va rugam sa il distrugeti, anuntand expeditorul de eroarea > comisa. Intrucat nu poate fi garantat faptul ca posta electronica este un > mod sigur si lipsit de erori de transmitere a informatiilor, este > responsabilitatea dvs. sa va asigurati ca mesajul (inclusiv documentele > alaturate lui) este validat si autorizat spre a fi utilizat in mediul dvs.* > > --089e0141a9feae5bff051e342188 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
The problem is not in the client certificate but in the is= suer certicates aka known as the certificate chain.
I was able to solve= the problem by adding the following line in my Apache server configuration= :

SSLCACertificateFile /etc/ssl/certs/clientcertif= icatechain.pem

where file 'clientcertifica= techain.pem' contains all the intermediate certificates for the client = certificate.



2015-08-26 11:44 GMT+02:00 Sterpu Vict= or <victor@caido.ro>:
The certificates are already on the server.
=C2=A0
------ Original Message ------
From: "Marat Khalili" <mkh@rqc.ru>
Sent: 8/26/2015 11:34:24 AM
Subject: Re: [users@httpd] SSL - How client certificates are verified?=
=C2=A0
I'm onl= y guessing, but maybe manually adding all necessary intermediate certificat= es to your server will help?
--

With Best Regards,
Marat Khalili

On 26/08/15 09:31, Sterpu Victor wrote:
I installed apache 2.4.16 and I have activated SSLOCSPEnable on a virtual domain but the page is not loa= ding at all with OCSPEnabled(without OCSP is working).
=C2=A0
The error is:
SSL Library Error: error:27069065:OCSP routines:OCSP_basic_verify:cert= ificate verify error (Verify error:unable to get local issuer certificate)<= br>AH02039: Certificate Verification: Error (50): application verification = failure
AH01925: failed to verify the OCSP response
I would use SSLOCSPOverrideResponder=C2=A0but I have 4=C2=A0different OCSP servers depending on t= he CA.
I checked the certificates and in the section <= span lang=3D"EN">Authority Information Access there is a URL to the OCSP se= rver.
This is the information from = one of the certificates:
[1]Authority Info Access
Access Method=3DOn-line Certi= ficate Status Protocol (1.3.6.1.5.5.7.48.1)
Alternative Name:
ocsp.digi= sign.ro is answering on port 80.
Could be a problem with SSLOCSPEnable=C2= =A0that is not auto=C2=A0extracting the OCSP URL?
=C2=A0
My configuration is:
=C2=A0=C2=A0=C2=A0 SSLEngine on
=C2=A0=C2=A0=C2=A0 SSLCertif= icateFile=C2=A0=C2=A0=C2=A0 /etc/ssl/card.casnt.ro/server.crt
=C2=A0=C2=A0=C2=A0 = SSLCertificateKeyFile /etc/ssl/card.casnt.ro/server.key
=C2=A0=C2=A0=C2=A0 SSLCAC= ertificateFile=C2=A0 /etc/ssl/certs/RO/All_Certs.pem
=C2=A0
=C2=A0=C2=A0=C2=A0 SSLVerifyClient require
=C2=A0=C2=A0=C2= =A0 SSLVerifyDepth 10
=C2=A0=C2=A0=C2=A0 SSLOptions +StdEnvVars +ExportC= ertData
=C2=A0=C2=A0=C2=A0 SSLOCSPEnable On<= /div>
=C2=A0
Thank you.
=C2=A0
------ Original Message ------
From: "Marat Khalili" <mkh@rqc.ru>
Sent: 8/23/2015 8:16:06 PM
Subject: Re: [users@httpd] SSL - How client certificates are verified?=
=C2=A0
In this c= ase, could you please post the results when you get the SSLOCSPEnable fixed= ? I'm particularly interested in performance.
--

With Best Regards,
Marat Khalili
On 23/08/2015 19:57, Sterpu Victor wrote:
There are=C2=A04 CAs, at least=C2=A01 uses OCSP(only=C2=A01 I called).=
I hope all of them use OCSP, I don't know the legislation but it s= eems normal to be required by law.
=C2=A0
------ Original Message ------
From: "Marat Khalili" <mkh@rqc.ru>
Sent: 8/23/2015 7:51:14 PM
Subject: Re: [users@httpd] SSL - How client certificates are verified?=
=C2=A0
Oh, I see= . In this case you will have to check the status of their certificates. Sti= ll, I suspect all of the tokens are issued by one CA. Probably it is better= to ask this CA for their procedures: do they use OCSP or just publish CRLs= .
--

With Best Regards,
Marat Khalili
On 23/08/2015 19:41, Sterpu Victor wrote:
All clients already have PKCS11 tokens.
It would be too complicated for them to get used with something else.<= /div>
=C2=A0
------ Original Message ------
From: "Marat Khalili" <mkh@rqc.ru>
Sent: 8/23/2015 7:34:07 PM
Subject: Re: [users@httpd] SSL - How client certificates are verified?=
=C2=A0
I see. Ho= wever, accepting clients certificates from the world recognized authorities= is both more expensive (for clients) and more risky than running your own = CA (recognized only by your server). If you personally know all your client= s it is easier to issue them certificates directly, and revoke them by your= self too if needed.
--

With Best Regards,
Marat Khalili
On 23/08/2015 18:56, Sterpu Victor wrote:
I want to make a page that will authenticate only=C2=A0with PKCS11 tok= ens.
These tokens contain only certificates from a recognized authority.
OCSP would be usefull if the token has been declared=C2=A0lost or stol= en.
But I don't want to make things too complicated.
=C2=A0
=C2=A0
------ Original Message ------
From: "Marat Khalili" <mkh@rqc.ru>
Sent: 8/23/2015 6:51:02 PM
Subject: Re: [users@httpd] SSL - How client certificates are verified?=
=C2=A0
Hello, wh= at is your scenario? If you issue (sign) client certificates yourself, Apac= he can correctly verify it against local CRL (certificate revocation list) = file (server restart may be required after file update). There's inform= ation in the net concerning OCSP support for client authentication in newer= versions of Apache (google SSLOCSPEnable), but I can see no real use for i= t save for some very complicated systems.
--

With Best Regards,
Marat Khalili
On 23/08/2015 09:51, Sterpu Victor wrote:
Hello
=C2=A0
I have a web page that asks for client certificate.
These are the options for this:
=C2=A0
SSLVerifyClient require
SSLVerifyDepth 10

How=C2=A0does SSLVerifyClient=C2=A0 verifies the client certificate?
This option protects against certificates manual made with a fake publ= ic-private key=C2=A0pair?
So can someoane make a=C2=A0certificate identical with the original, a= ttach another set of public and private keys and pretend to be someoane els= e?
=C2=A0
Thank you


3D"Avast

This email has b= een checked for viruses by Avast antivirus software.
www.avast.com



DISCLAIMER= :
Acest mesaj de posta electronica si documentele aferente sunt confide= ntiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod de utili= zare a lor. Daca nu sunteti destinatarul acestui mesaj, este interzis sa ac= tionati in baza acestor informatii. Citirea, copierea, distribuirea, dezval= uirea sau utilizarea in alt mod a informatiei continute in acest mesaj cons= tituie o incalcare a legii. Daca ati primit mesajul din greseala, va rugam = sa il distrugeti, anuntand expeditorul de eroarea comisa. Intrucat nu poate= fi garantat faptul ca posta electronica este un mod sigur si lipsit de ero= ri de transmitere a informatiilor, este responsabilitatea dvs. sa va asigur= ati ca mesajul (inclusiv documentele alaturate lui) este validat si autoriz= at spre a fi utilizat in mediul dvs.





3D"Avast

This email has b= een checked for viruses by Avast antivirus software.
www.avast.com



DISCLAIMER= :
Acest mesaj de posta electronica si documentele aferente sunt confide= ntiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod de utili= zare a lor. Daca nu sunteti destinatarul acestui mesaj, este interzis sa ac= tionati in baza acestor informatii. Citirea, copierea, distribuirea, dezval= uirea sau utilizarea in alt mod a informatiei continute in acest mesaj cons= tituie o incalcare a legii. Daca ati primit mesajul din greseala, va rugam = sa il distrugeti, anuntand expeditorul de eroarea comisa. Intrucat nu poate= fi garantat faptul ca posta electronica este un mod sigur si lipsit de ero= ri de transmitere a informatiilor, este responsabilitatea dvs. sa va asigur= ati ca mesajul (inclusiv documentele alaturate lui) este validat si autoriz= at spre a fi utilizat in mediul dvs.





3D"Avast

This email has b= een checked for viruses by Avast antivirus software.
www.avast.com



DISCLAIMER= :
Acest mesaj de posta electronica si documentele aferente sunt confide= ntiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod de utili= zare a lor. Daca nu sunteti destinatarul acestui mesaj, este interzis sa ac= tionati in baza acestor informatii. Citirea, copierea, distribuirea, dezval= uirea sau utilizarea in alt mod a informatiei continute in acest mesaj cons= tituie o incalcare a legii. Daca ati primit mesajul din greseala, va rugam = sa il distrugeti, anuntand expeditorul de eroarea comisa. Intrucat nu poate= fi garantat faptul ca posta electronica este un mod sigur si lipsit de ero= ri de transmitere a informatiilor, este responsabilitatea dvs. sa va asigur= ati ca mesajul (inclusiv documentele alaturate lui) este validat si autoriz= at spre a fi utilizat in mediul dvs.





3D"Avast

This email has b= een checked for viruses by Avast antivirus software.
www.avast.com



DISCLAIMER= :
Acest mesaj de posta electronica si documentele aferente sunt confide= ntiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod de utili= zare a lor. Daca nu sunteti destinatarul acestui mesaj, este interzis sa ac= tionati in baza acestor informatii. Citirea, copierea, distribuirea, dezval= uirea sau utilizarea in alt mod a informatiei continute in acest mesaj cons= tituie o incalcare a legii. Daca ati primit mesajul din greseala, va rugam = sa il distrugeti, anuntand expeditorul de eroarea comisa. Intrucat nu poate= fi garantat faptul ca posta electronica este un mod sigur si lipsit de ero= ri de transmitere a informatiilor, este responsabilitatea dvs. sa va asigur= ati ca mesajul (inclusiv documentele alaturate lui) este validat si autoriz= at spre a fi utilizat in mediul dvs.





3D"Avast

This email has b= een checked for viruses by Avast antivirus software.
www.avast.com



DISCLAIMER= :
Acest mesaj de posta electronica si documentele aferente sunt confide= ntiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod de utili= zare a lor. Daca nu sunteti destinatarul acestui mesaj, este interzis sa ac= tionati in baza acestor informatii. Citirea, copierea, distribuirea, dezval= uirea sau utilizarea in alt mod a informatiei continute in acest mesaj cons= tituie o incalcare a legii. Daca ati primit mesajul din greseala, va rugam = sa il distrugeti, anuntand expeditorul de eroarea comisa. Intrucat nu poate= fi garantat faptul ca posta electronica este un mod sigur si lipsit de ero= ri de transmitere a informatiilor, este responsabilitatea dvs. sa va asigur= ati ca mesajul (inclusiv documentele alaturate lui) este validat si autoriz= at spre a fi utilizat in mediul dvs.





3D"Avast

This email has been checked for viruses by Avast antivirus software.
www.a= vast.com



DISCL= AIMER:
Acest mesaj de posta electronica si documentele aferente sun= t confidentiale. Este interzisa distribuirea, dezvaluirea sau orice alt mod= de utilizare a lor. Daca nu sunteti destinatarul acestui mesaj, este inter= zis sa actionati in baza acestor informatii. Citirea, copierea, distribuire= a, dezvaluirea sau utilizarea in alt mod a informatiei continute in acest m= esaj constituie o incalcare a legii. Daca ati primit mesajul din greseala, = va rugam sa il distrugeti, anuntand expeditorul de eroarea comisa. Intrucat= nu poate fi garantat faptul ca posta electronica este un mod sigur si lips= it de erori de transmitere a informatiilor, este responsabilitatea dvs. sa = va asigurati ca mesajul (inclusiv documentele alaturate lui) este validat s= i autorizat spre a fi utilizat in mediul dvs.



--089e0141a9feae5bff051e342188--